CC7178 Cyber Security Management: Presenter: Kiran Kumar Shah
CC7178 Cyber Security Management: Presenter: Kiran Kumar Shah
CC7178 Cyber Security Management: Presenter: Kiran Kumar Shah
Lecture 1
Attacks: capturing network traffic and stealing password files or human error like leaving terminal
open
Security Controls: encryption, access controls(only those with sufficient privileges may
access certain information.
Threats: include device failure, and environmental issues (heat, static, flooding, power loss, and so on);
including DoS attacks,
Countermeasures: monitoring performance and network traffic(SNMP), using firewalls and routers to
prevent DoS attacks, Redundancy.
Priority of Security goals depends upon organization. Government and Military organization vs
Private(Availability).
Key Concepts of Information Security
(IAAA of CIA)
Authentication and Identification
Identity is claim about the who the user is without proof. It should be always unique
Providing an identity username; swiping a smart card; or positioning your face,
hand, or finger for a camera or scanning
single two step process. Providing an identity is the first step, and providing
theauthentication factors is the second step
Key Concepts of Information Security
(AAA of CIA)
Authorization
Actions that authorized person are allowed to perform and object that
user can access once user have been identified and authenticated.
system evaluates an access control matrix
that compares the subject, the object, and the intended activity
Principle of Least privilege.